avoid cracking hashes already cracked

2019-06-02 21:14:02 -04:00
parent b26c5c63e2
commit 3589c4f4c7
7 changed files with 84 additions and 52 deletions
@@ -106,5 +106,16 @@ module Auxiliary::PasswordCracker
    wordlist.to_file(max_len)
  end

+  def already_cracked_pass(hash)
+    framework.db.creds({:pass => hash}).each do |test_cred|
+      test_cred.public.cores.each do |core|
+        if core.origin_type == "Metasploit::Credential::Origin::CrackedPassword"
+          return core.private.data
+        end
+      end
+    end
+    nil
+  end
+
 end
 end
@@ -228,14 +228,17 @@ class MetasploitModule < Msf::Auxiliary
    regex = Regexp.new hashes_regex
    framework.db.creds(workspace: myworkspace, type: 'Metasploit::Credential::NonreplayableHash').each do |core|
      if core.private.jtr_format =~ regex
-        if action.name == 'john'
-          hashlist.puts hash_to_jtr(core)
-        elsif action.name == 'hashcat'
-          # hashcat hash files dont include the ID to reference back to so we build an array to reference
-          hashes << {'hash' => core.private.data, 'un' => core.public.username, 'id' => core.id}
-          hashlist.puts hash_to_hashcat(core)
+        # only add hashes which havne't been cracked
+        if already_cracked_pass(core.private.data).nil?
+          if action.name == 'john'
+            hashlist.puts hash_to_jtr(core)
+          elsif action.name == 'hashcat'
+            # hashcat hash files dont include the ID to reference back to so we build an array to reference
+            hashes << {'hash' => core.private.data, 'un' => core.public.username, 'id' => core.id}
+            hashlist.puts hash_to_hashcat(core)
+          end
+          wrote_hash = true
        end
-        wrote_hash = true
      end
    end
    hashlist.close
@@ -336,34 +336,40 @@ class MetasploitModule < Msf::Auxiliary
    regex = Regexp.new hashes_regex
    framework.db.creds(workspace: myworkspace, type: 'Metasploit::Credential::NonreplayableHash').each do |core|
      if core.private.jtr_format =~ regex
-        if action.name == 'john'
-          hashlist.puts hash_to_jtr(core)
-        elsif action.name == 'hashcat'
-          # hashcat hash files dont include the ID to reference back to so we build an array to reference
-          hashes << {'hash' => core.private.data, 'un' => core.public.username, 'id' => core.id}
-          hashlist.puts hash_to_hashcat(core)
-        end
-        wrote_hash = true
-      end
-    end
-    if datastore['POSTGRES']
-      framework.db.creds(workspace: myworkspace, type: 'Metasploit::Credential::PostgresMD5').each do |core|
-        if core.private.jtr_format =~ regex
+        # only add hashes which havne't been cracked
+        if already_cracked_pass(core.private.data).nil?
          if action.name == 'john'
-            # hashcat hash files dont include the ID to reference back to so we build an array to reference
-            # however, for postgres, john doesn't take an id either
-            hashes << {'hash' => hash_to_jtr(core), 'un' => core.public.username, 'id' => core.id}
            hashlist.puts hash_to_jtr(core)
          elsif action.name == 'hashcat'
            # hashcat hash files dont include the ID to reference back to so we build an array to reference
            hashes << {'hash' => core.private.data, 'un' => core.public.username, 'id' => core.id}
            hashlist.puts hash_to_hashcat(core)
          end
-
          wrote_hash = true
        end
      end
    end
+    if datastore['POSTGRES']
+      framework.db.creds(workspace: myworkspace, type: 'Metasploit::Credential::PostgresMD5').each do |core|
+        if core.private.jtr_format =~ regex
+          # only add hashes which havne't been cracked
+          if already_cracked_pass(core.private.data).nil?
+            if action.name == 'john'
+              # hashcat hash files dont include the ID to reference back to so we build an array to reference
+              # however, for postgres, john doesn't take an id either
+              hashes << {'hash' => hash_to_jtr(core), 'un' => core.public.username, 'id' => core.id}
+              hashlist.puts hash_to_jtr(core)
+            elsif action.name == 'hashcat'
+              # hashcat hash files dont include the ID to reference back to so we build an array to reference
+              hashes << {'hash' => core.private.data, 'un' => core.public.username, 'id' => core.id}
+              hashlist.puts hash_to_hashcat(core)
+            end
+
+            wrote_hash = true
+          end
+        end
+      end
+    end
    hashlist.close
    unless wrote_hash # check if we wrote anything and bail early if we didn't
      hashlist.delete
@@ -252,14 +252,17 @@ class MetasploitModule < Msf::Auxiliary
    regex = Regexp.new hashes_regex
    framework.db.creds(workspace: myworkspace, type: 'Metasploit::Credential::NonreplayableHash').each do |core|
      if core.private.jtr_format =~ regex
-        if action.name == 'john'
-          hashlist.puts hash_to_jtr(core)
-        elsif action.name == 'hashcat'
-          # hashcat hash files dont include the ID to reference back to so we build an array to reference
-          hashes << {'hash' => core.private.data, 'un' => core.public.username, 'id' => core.id}
-          hashlist.puts hash_to_hashcat(core)
+        # only add hashes which havne't been cracked
+        if already_cracked_pass(core.private.data).nil?
+          if action.name == 'john'
+            hashlist.puts hash_to_jtr(core)
+          elsif action.name == 'hashcat'
+            # hashcat hash files dont include the ID to reference back to so we build an array to reference
+            hashes << {'hash' => core.private.data, 'un' => core.public.username, 'id' => core.id}
+            hashlist.puts hash_to_hashcat(core)
+          end
+          wrote_hash = true
        end
-        wrote_hash = true
      end
    end
    hashlist.close
@@ -231,14 +231,17 @@ class MetasploitModule < Msf::Auxiliary
    regex = Regexp.new hashes_regex
    framework.db.creds(workspace: myworkspace, type: 'Metasploit::Credential::NonreplayableHash').each do |core|
      if core.private.jtr_format =~ regex
-        if action.name == 'john'
-          hashlist.puts hash_to_jtr(core)
-        elsif action.name == 'hashcat'
-          # hashcat hash files dont include the ID to reference back to so we build an array to reference
-          hashes << {'hash' => core.private.data, 'un' => core.public.username, 'id' => core.id}
-          hashlist.puts hash_to_hashcat(core)
+        # only add hashes which havne't been cracked
+        if already_cracked_pass(core.private.data).nil?
+          if action.name == 'john'
+            hashlist.puts hash_to_jtr(core)
+          elsif action.name == 'hashcat'
+            # hashcat hash files dont include the ID to reference back to so we build an array to reference
+            hashes << {'hash' => core.private.data, 'un' => core.public.username, 'id' => core.id}
+            hashlist.puts hash_to_hashcat(core)
+          end
+          wrote_hash = true
        end
-        wrote_hash = true
      end
    end
    hashlist.close
@@ -232,14 +232,17 @@ class MetasploitModule < Msf::Auxiliary
    regex = Regexp.new hashes_regex
    framework.db.creds(workspace: myworkspace, type: 'Metasploit::Credential::NonreplayableHash').each do |core|
      if core.private.jtr_format =~ regex
-        if action.name == 'john'
-          hashlist.puts hash_to_jtr(core)
-        elsif action.name == 'hashcat'
-          # hashcat hash files dont include the ID to reference back to so we build an array to reference
-          hashes << {'hash' => core.private.data, 'un' => core.public.username, 'id' => core.id}
-          hashlist.puts hash_to_hashcat(core)
+        # only add hashes which havne't been cracked
+        if already_cracked_pass(core.private.data).nil?
+          if action.name == 'john'
+            hashlist.puts hash_to_jtr(core)
+          elsif action.name == 'hashcat'
+            # hashcat hash files dont include the ID to reference back to so we build an array to reference
+            hashes << {'hash' => core.private.data, 'un' => core.public.username, 'id' => core.id}
+            hashlist.puts hash_to_hashcat(core)
+          end
+          wrote_hash = true
        end
-        wrote_hash = true
      end
    end
    hashlist.close
@@ -261,14 +261,17 @@ class MetasploitModule < Msf::Auxiliary
    framework.db.creds(workspace: myworkspace, type: 'Metasploit::Credential::NTLMHash').each do |core|
      regex = Regexp.new hashes_regex
      if core.private.jtr_format =~ regex
-        if action.name == 'john'
-          hashlist.puts hash_to_jtr(core)
-        elsif action.name == 'hashcat'
-          # hashcat hash files dont include the ID to reference back to so we build an array to reference
-          hashes << {'hash' => core.private.data, 'un' => core.public.username, 'id' => core.id}
-          hashlist.puts hash_to_hashcat(core)
+        # only add hashes which havne't been cracked
+        if already_cracked_pass(core.private.data).nil?
+          if action.name == 'john'
+            hashlist.puts hash_to_jtr(core)
+          elsif action.name == 'hashcat'
+            # hashcat hash files dont include the ID to reference back to so we build an array to reference
+            hashes << {'hash' => core.private.data, 'un' => core.public.username, 'id' => core.id}
+            hashlist.puts hash_to_hashcat(core)
+          end
+          wrote_hash = true
        end
-        wrote_hash = true
      end
    end
    hashlist.close